Sunday, July 18, 2010

Update: Another virus hits Yahoo! Messenger.

A virus which is not new to Yahoo!'s network seems to be hitting it again. A Romanian website for security warns users of Yahoo! Messenger about its existence and offers help in fixing it. This virus sends various links, most of them referring to Facebook (so this creates confusion between users). Some of them are pasted here:

http://ow.ly/2D4zB?=www.facebook.com/photo.php

is this you on pic? http://ow.ly/2cWs2?=www.facebook.com/photo.php

foto :D http://ow.ly/2d3aB?=www.facebook.com/photo.php

foto :D http://ow.ly/2cTes?=www.facebook.com/photo.php

foto :D http://ow.ly/2bmMb?=www.facebook.com/photo.php

foto :D http : //ow.ly/2b7Xp?=www.facebook.com/photo.php

foto :D http://ow.ly/2aG6r?=www.facebook.com

foto :D http://ow.ly/2arJj?=www.facebook.com

foto :D http://ow.ly/2aHoc?=www.facebook.com

The virus asks user to download a file, which is, of course, the virus. Here are some examples of files containing the virus:

012457566896789-JPG-www.facebook.com.exe

PIC348u6234-www.facebook.com.JPG.exe

n719753102_09.JPG-www.facebook.exe

n11975310_09.JPG-www.facebook.exe

n11975310_09.JPG-www.facebosok.exe

n777719102_09.JPG-www.facebook.exe

102_09.JPG-www.facebook.exe

9.JPG-www.facebook

Normally, an antivirus program should detect the malware and remove it, but if it doesn't (or you don't have one), you may download Palevo Removal v2 from here. This program should automatically close the virus and remove it. All you need to do then is to reboot.

Note: Windows 7 and Vista users must click "This program works correctly" when prompted.

Thanks to the Romanian website called IT Security which made everything possible. (Google translated webpage here).

Update: The admin from IT Security warned me that the virus is downloading more and more files with strange names (it's quite impossible to keep up with it). He also told me that using Malwarebytes should help much (download here). Make sure to update after installation and then perform a full scan.